autofs maps in samba4

Chris Lahti chris.lahti at
Fri Apr 9 18:22:45 MDT 2010

Fantastic, I look forward to your blog entry on how to get this going with Samba4.  Regarding linux/macOS-X authentication, is there any reason not to use Kerberos?  I am compiling samba4 now to test some things, what is the URL of your blog?  Also regarding Windows 7 clients, why are you doing generic Kerberos auth against samba4 kdc?  Would you not just join them to the samba4 domain?



-----Original Message-----
From: Bernd Markgraf [mailto:bernd.markgraf at] 
Sent: Friday, April 09, 2010 3:26 PM
To: Chris Lahti
Cc: samba-technical at
Subject: Re: autofs maps in samba4


I just added the necessary attributes and objectclasses to a Samba4
LDAP-server today (and filed a bug report/feature request to add that
for future releases). 
So this is possible and works nicely here on my systems. I'm running
Solaris instead of Linux though. Should work on Linux in a similar way. 
The short version is to run oLschema2ldif in order to convert your
OpenLdap schema to something Samba4 understands (MS AD-like LDIF).
Add the resulting LDIF to your DIT using ldapadd and create your maps.

That Samba4 DC is also used to do kerberos authentication for W7 clients
and the Solaris machines (Kerberos+LDAP). So far it works quite nice.
But since I only started about a week ago I still have a few minor
details to work on (complete the mapping of all LDAP attributes to
proper Unix meanings etc.) Keep in mind that Samba4 uses the MS AD
schema, so for your Linux clients you will need some mappings (like
homedirectory on the unix side vs unixhomedirectory in the AD-style

I'll write up all the details in the next few days and put them on my


More information about the samba-technical mailing list